Re: Can't ping gateway but can access internet?

I've recently taken over the IT Support role at two small primary
schools. One of which has had ongoing issues with internet access over
the last few weeks. (I only attend the campuses a few days a week so
trouble shooting this issue along with other issues has been
painstaking.)

Both schools are part of a VPN the one with the issue has two subnets
both from a Cisco 1700 router. The admin LAN has had no problems
however the school LAN has.

The server is 2003 and is the DC and runs DNS, DHCP and AD. Checks of
the DNS and DHCP settings appear to be correct as I have the admin LAN
and the other school to compare with.

Now the issue is that clients on the school LAN have intermittent
internet access.

- The browsers point to an upstream proxy server, there is no local
proxy.
- The server can always appear to access the internet via upstream
proxy even though it can't ping the gateway.
- The routing table appears correct and matches the admin side (apart
from the IP addresses of course).
- Pingplot over a 6 hour period from a client shows that when the
gateway (the school side of the router) can be pinged the proxy can't
be reached and vice versa.
- There are intermittent periods when the gateway can be pinged and
not.
- The server never seems to be able to ping the gateway.
- Constant pings of the gateway from the server get returned with two
errors randomly - Time out and Net unreachable.
- When the router is powered down and back up all works fine for about
45 seconds before returning to the up/down state.

Any thoughts?? Faulty router?

Thanks


DNS!

VPN complications aside (for now), seemingly intermittent Internet connectivity (and LAN name resolution) is a classic symptom of a mis-configured DNS. This can be on the client side or the server side or both.

Bottom line... all clients should point only to a DC in their TCP/IP properties (this includes the DNS client of your DC and other servers!). Specifically, the ISP provided (or external DNS) should NOT be in the DNS client's TCP/IP properties. The DC DNS server should be configured to forward all unknown requests to the ISP provided DNS server or the upstream router (which can then do this).

-Frank

.

Relevant Pages

  • Re: Secure messaging
    ... free GUI frontend Windows programs called "Wildcat! ... Interactive Net Server" ... > the teachers in a local school. ... > completely independent of Internet access? ...
    (microsoft.public.security)
  • Re: dcdiag errors
    ... recreated the DNS on one of the servers. ... > 306802 How to Configure Small Business Server for Full Time Internet ... > 309633 How to Configure a SBS for Full Time Internet Access with a Single ... > This newsgroup only focuses on SBS technical issues. ...
    (microsoft.public.windows.server.sbs)
  • RE: unable to ping server
    ... directly at the SBS Server, ... The Internet access wizard was used through first-time ... Ethernet adapter Server Local Area Connection: ... Connection-specific DNS Suffix. ...
    (microsoft.public.windows.server.sbs)
  • Re: DNS and Backup Domain Controller
    ... > for your domain in the properties of TCP/IP under the DNS tab. ... > point to this server ONLY. ... > Best Practices for DNS Client settings in Windows 2000 server and in Windows ... > How to configure DNS for Internet access in Windows Server 2003 ...
    (microsoft.public.windows.server.general)
  • Re: DNS and Backup Domain Controller
    ... Danny, I followed your instructions but I am still having problems. ... > for your domain in the properties of TCP/IP under the DNS tab. ... > point to this server ONLY. ... > How to configure DNS for Internet access in Windows Server 2003 ...
    (microsoft.public.windows.server.general)
Loading